Dr. Mahboob Qaosar
Associate Professor, CSE, RU
CSET 150 Network Design and Management
Week # 1
Evening Masters Edition

Modular Network Design
What Is Modular Design?
- A module is a component of a composite structure.
- Modular network design involves creating modules that can then be put together to meet the requirements of the entire network.

Modular Network Design
Benefit: (Why modular design?)
- It is easier to understand and design smaller, simpler modules…
- It is easier to troubleshoot …
- The reuse of blocks saves design time and effort…
- The reuse of blocks allows …growing … providing network scalability.
- It is easier to change modules rather than the entire network, providing flexibility of design.

Modular Network Design
Two models that can be used for network design:
- The hierarchical model.
- The Cisco Enterprise Composite Network Model.

HIERARCHICAL NETWORK DESIGN
[Figure: Hierarchical Network Design Model Separates the Network into Three Functions]

Access Layer
- The access layer is where users access the network. Users can be local or remote.
- Hubs operate at OSI Layer 1. All devices connected to a hub are in the same collision domain.
- Switches operate at Layer 2, and each port on a switch is its own collision domain.

Access Layer
- Using a LAN switch rather than a hub has a performance advantage: a LAN switch forwards unicast traffic only out of the port through which the traffic's destination is considered reachable. A hub, however, forwards all traffic out of all its ports.
- The access layer must also ensure that only users who are authorized to access the network are admitted.

Distribution Layer
The distribution layer interfaces between the core and access layers, and between access layer workgroups.
Functions and characteristics include the following:
- Implementing policies by filtering, and prioritizing and queuing traffic.
- Routing between the access and core layers. If different routing protocols are implemented at these other two layers, the distribution layer is responsible for redistributing (sharing) among the routing protocols, and filtering if necessary.
- Performing route summarization.

Distribution Layer
- Providing redundant connections, both to access devices and to core devices.
- Aggregating multiple lower-speed access connections into higher-speed core connections and converting between different media types, if necessary.

Core Layer
The core layer provides a high-speed backbone. Functions and attributes of the core layer include the following:
- Providing high-speed, low-latency links and devices for quick transport of data across the backbone.
- Providing a highly reliable and available backbone.
- Adapting to network changes quickly by implementing a quick-converging routing protocol. The routing protocol can also be configured to load-balance over redundant links so that the extra capacity can be used when no failures exist.
- Filtering is not performed at this layer, because it would slow processing. Filtering is done at the distribution layer.

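The layer rules above can be checked mechanically. The following is an added example, not part of the original slides: it lints a constructed topology for links that bypass the distribution layer, filtering placed at the core, and missing redundancy. Device names are hypothetical, and reading "redundant connections" as "at least two uplinks to the next layer" and "implementing policies by filtering" as "every distribution device filters" are assumptions.

```python
from collections import defaultdict

LAYER_ORDER = {"access": 0, "distribution": 1, "core": 2}

# Constructed sample topology; all device names are hypothetical.
DEVICES = {
    "acc-sw1": {"layer": "access", "filters": False},
    "acc-sw2": {"layer": "access", "filters": False},
    "dist-1": {"layer": "distribution", "filters": True},
    "dist-2": {"layer": "distribution", "filters": True},
    "core-1": {"layer": "core", "filters": False},
    "core-2": {"layer": "core", "filters": True},   # filtering at core
}
LINKS = [
    ("acc-sw1", "dist-1"), ("acc-sw1", "dist-2"),
    ("acc-sw2", "dist-1"),                          # single uplink only
    ("acc-sw2", "core-1"),                          # skips distribution
    ("dist-1", "core-1"), ("dist-1", "core-2"),
    ("dist-2", "core-1"), ("dist-2", "core-2"),
    ("core-1", "core-2"),
]

def lint_topology(devices, links):
    """Return a sorted list of (device, finding) tuples."""
    findings = set()
    neighbours = defaultdict(set)
    for a, b in links:
        neighbours[a].add(b)
        neighbours[b].add(a)
        ra, rb = (LAYER_ORDER[devices[d]["layer"]] for d in (a, b))
        if abs(ra - rb) > 1:
            # Traffic on this link never meets distribution-layer policy.
            findings.add((a if ra < rb else b, "link bypasses distribution layer"))
    for name, dev in devices.items():
        rank = LAYER_ORDER[dev["layer"]]
        if dev["layer"] == "core" and dev["filters"]:
            findings.add((name, "filtering configured at core"))
        if dev["layer"] == "distribution" and not dev["filters"]:
            findings.add((name, "no policy filtering at distribution"))
        if dev["layer"] != "core":
            uplinks = [n for n in neighbours[name]
                       if LAYER_ORDER[devices[n]["layer"]] == rank + 1]
            if len(uplinks) < 2:  # assumption: redundancy means >= 2 uplinks
                findings.add((name, "no redundant uplink"))
    return sorted(findings)

if __name__ == "__main__":
    for device, finding in lint_topology(DEVICES, LINKS):
        print(f"{device}: {finding}")
```
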
Limitation of Hierarchical Model
- The hierarchical model is useful for smaller networks, but it does not scale well to larger, more complex networks.
- With only three layers, the model does not allow the modularity required to efficiently design networks with many devices and features.
- The Enterprise Composite Network Model provides additional modularity and functions.

The Cisco Enterprise Composite Network Model
- Cisco has developed a SAFE blueprint, the principal goal of which is to provide best-practice information on designing and implementing secure networks.
- The SAFE architecture uses a modular approach, providing the advantages previously discussed.
- The Cisco Enterprise Composite Network Model is the name given to the architecture used by the SAFE blueprint.
- This model supports larger networks than those designed with only the hierarchical model and clarifies the functional boundaries within the network.

The Cisco Enterprise Composite Network Model
[Figure: Functional Areas of the Enterprise Composite Network Model]

Enterprise Campus Functional Area
The modules within the Enterprise Campus functional area are as follows:
- Campus Infrastructure module
- Management module
- Server module
- Edge Distribution module

Campus Infrastructure module
- The Campus Infrastructure module represents one or more buildings connected to a backbone.
- This module is comprised of three sub-modules: Building, Building Distribution, and Core.
- These sub-modules map directly onto the hierarchical model's access, distribution, and core layers.

Management Module
The Management module houses monitoring, logging, security, and other management features within an enterprise.
Some of the management security features:
- An authentication, authorization, and accounting (AAA) server to provide security checks of users.
- Authentication determines who the user is and whether he is allowed on the network.
- Authorization determines what the user can do on the network.
- Accounting records the time of day and time spent. The AAA server can also record a user's location.

Management Module
Some of the management security features:
- Intrusion (interruption) detection system (IDS) and intrusion prevention system (IPS) management. IDSs scan network traffic for malicious (harmful) activity, while IPSs can protect the network if an attack is detected. An IDS and IPS management server logs suspicious activities that are detected by IDS and IPS sensors deployed throughout the network.
- System logging, for example, using a syslog server to log events and traps.

Server Module
- The centralized Server module contains internal campus servers. These servers can include e-mail, file, and print servers, or any other servers that are necessary for the network solutions.
- Layer 3 switches are typically used in this module to provide both the high performance of Layer 2 switching and the Layer 3 routing and filtering capabilities.

Edge Distribution Module
- The Edge Distribution module is the interface between the Enterprise Campus (through the Core sub-module) and the Enterprise Edge functional areas.
- This module typically uses Layer 3 switching to provide high-performance routing, similar to the Server module.
- Redundancy is again implemented in this module to ensure that the campus users always have access to the Enterprise Edge.

Enterprise Edge Functional Area
The Enterprise Edge functional area is the interface between the Enterprise Campus functional area (through the Edge Distribution module) and the Service Provider Edge functional area. It is comprised of the following four modules:
- E-commerce module
- Corporate Internet module
- VPN/Remote Access module
- WAN module

E-commerce module
- The E-commerce module includes the devices and services necessary for an organization to support e-commerce applications, such as online ordering.
- The devices in this module usually include web servers, application servers, and security devices such as firewalls and IDS appliances.

Corporate Internet Module
- The Corporate Internet module provides Internet access for the users and passes VPN traffic from remote users to the VPN/Remote Access module.
- Typical servers in this module include e-mail, File Transfer Protocol (FTP), and Domain Name System (DNS) servers.
- Security systems, such as firewalls and IDSs/IPSs, are also present here to ensure that only legitimate Internet traffic is allowed into the enterprise.

VPN/Remote Access module
- The VPN/Remote Access module terminates VPN traffic and dial-in connections from external users.
- Typical devices in this module include dial-in access and VPN concentrators to terminate the remote user connections, and firewalls and IDS appliances to provide security.

WAN module
- The WAN module provides connectivity between remote sites and the main site over various WAN technologies.
- This module does not include the WAN connections; rather, it provides the interfaces to the WANs. The WAN connections themselves are supplied by the service providers, which are represented in the Service Provider Edge modules.
- Example WAN interfaces provided by this module are Frame Relay, Asynchronous Transfer Mode (ATM), cable, and leased lines.

Service Provider Edge Functional Area
The three modules within the Service Provider Edge functional area are as follows:
- Internet Service Provider (ISP) module
- Public Switched Telephone Network (PSTN) module
- Frame Relay/ATM module